Login Credentials Sent In Clear Text

Description

During the scan, Kayran found that login credentials are being sent in clear text.
This vulnerability occurs when a user's credentials are transmitted unencrypted. The credentials must be transmitted via HTTPS in order to prevent malicious users from intercepting this information.

Attackers could use a MITM (man-in-the-middle) attack to intercept and steal the credentials that are being sent in clear text. The software transmits sensitive or security-critical data in clear text over a communication channel that can be sniffed by unauthorized actors.

Recommendation

To prevent this vulnerability, make sure that the site transmits credentials to the server using trusted and encrypted connections (HTTPS).

References

https://cwe.mitre.org/data/definitions/319.html
